Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Greg_Harewood
Contributor

set generic-object ....help me with arrays please!

Hi!

show generic-object uid xxx is enormously useful and self documenting.

For settings aspects of the same, parameters of owned objects are simple enough, e.g.

set generic-object uid FWUID firewallSetting.connectionsLimit 50000

For arrays of objects, such as interfaces of a firewall, there is scattered documentation for things like...

set generic-object uid FWUID interfaces.add.create "com.checkpoint.objects.classes.dummy.CpmiClusterInterface" \
interfaces.add.owned-object.netmask "255.255.255.0" \
interfaces.add.owned-object.ipaddr 22.22.22.22

I've also found that I can remove an owned object by uid such as the above interface with...

set generic-object uid bbdf2604-ae6b-2942-ab8e-f4b0f7d31fa8 interfaces.remove 35b0b1ab-a323-49ec-b72b-d98eea2ddd89

What's missing from this picture is how to edit contents of owned objects in an array. PLEASE HELP! 🙂

I've tried things like....

set generic-object uid FWUID interfaces.0.netmask "255.255.255.0"

code: "generic_err_invalid_parameter"
message: "An object was requested to be added to the collection: 'interfaces', however create is missing"

...but no dice.  There must surely be  away to set parameters inside arrays of owned objects but I can't work it out.  My requirement by the way is to round trip a gateway from one VSX to another.  It's working, we've been using it in anger, but at the moment we have to check anti-spoofing parameters by hand and I'm highly motivated to be able to put them back after the vsx_provisioning_tool add vd.

Thanks for any help!

5 Replies
Greg_Harewood
Contributor

You know how laying out an explanation for other people can sometimes help?  I've made progress...

 

set generic-object uid <GWUID> interfaces.set.1.uid <IFUID> interfaces.set.1.owned-object.security.antispoof true
set generic-object uid <GWUID> interfaces.set.1.uid <IFUID> interfaces.set.1.owned-object.ipaddr 99.101.102.103

(The 1 is arbitrary as far as I can tell and just used to associate the two parameters.)  These work, and showing the generic object puts them in the right place.  However, they don't appear in the GUI (even after publish).  What do I need to do to get these propagated and active?

 

0 Kudos
PhoneBoy
Admin
Admin

This might be one of those things generic-objects can’t do.
I ran into something similar when I was trying to edit platform portal, which I believe is stored in a similar structure.
@Omer_Kleinstern 

Greg_Harewood
Contributor

I don't know why it didn't seem to be picking up the change - probably an unrelated issue.  It's working quite well now actually.

Follow-on question .... with web_api, I can clearly distinguish between null, 0, and "".  I don't know how to do so with mgmt_cli.  Can you help at all?  In particular, things like the security.netaccess.allowed field... how do I set to null, rather than ""?  I seem to remember seeing *NULL* used somewhere, but I can no longer find the reference.

 

PhoneBoy
Admin
Admin

Maybe null without quotes?

0 Kudos
Greg_Harewood
Contributor

I've sort of accepted that if I want to send null, I have to use web_api directly, which is typed.  Not great, but if you find out better, let me know!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events